diff --git a/CVE-2019/CVE-2019-114xx/CVE-2019-11486.json b/CVE-2019/CVE-2019-114xx/CVE-2019-11486.json index fe175d78d48..80f2df1eaf1 100644 --- a/CVE-2019/CVE-2019-114xx/CVE-2019-11486.json +++ b/CVE-2019/CVE-2019-114xx/CVE-2019-11486.json @@ -2,8 +2,8 @@ "id": "CVE-2019-11486", "sourceIdentifier": "cve@mitre.org", "published": "2019-04-23T22:29:05.133", - "lastModified": "2019-06-15T01:29:00.717", - "vulnStatus": "Modified", + "lastModified": "2023-07-07T19:25:01.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,8 +85,120 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.16.66", + "matchCriteriaId": "F97FFEB5-C81D-4AB4-94F7-F2D480663DDA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.17", + "versionEndExcluding": "3.18.139", + "matchCriteriaId": "38D2BE0B-B7B1-4798-AE02-F25BCE43D452" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.4.179", + "matchCriteriaId": "4C8AD265-4D57-4C96-8CDE-E40908DC401D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.169", + "matchCriteriaId": "30B4C182-BE81-4381-94C5-BAC55EA22B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.112", + "matchCriteriaId": "A4CEB6C0-CF37-412C-8804-8B5BB13A6EC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.35", + "matchCriteriaId": "E62E5576-988B-40C3-94E3-3402FC8C6EE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", "versionEndExcluding": "5.0.8", - "matchCriteriaId": "BB1D92B6-C890-4C6E-AB92-6CAB72FE526B" + "matchCriteriaId": "5A9EC3D3-2514-4C33-8BAA-2F2D52E37B54" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", + "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EF29713A-2852-4E3D-9666-4001C7E8B667" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F74F467A-0C81-40D9-BA06-40FB8EF02C04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "15BC23DF-BBA1-4CD3-A800-FEACF501021D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*", + "matchCriteriaId": "73CBA7B6-1C6C-4FDF-BBCE-705940A145C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "4AFD6E9F-C0C2-4B9B-B740-000C67E64036" } ] } @@ -96,15 +208,24 @@ "references": [ { "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2019/04/29/1", @@ -160,31 +281,53 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://seclists.org/bugtraq/2019/Jun/26", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20190517-0005/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://support.f5.com/csp/article/K50222414", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2019/dsa-4465", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json b/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json index a1a83b16f0b..4514b2068e5 100644 --- a/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json +++ b/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json @@ -2,19 +2,74 @@ "id": "CVE-2020-18432", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T02:15:08.623", - "lastModified": "2023-06-30T12:59:58.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:59:14.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sem-cms:semcms:3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "71D2D1EA-A0BD-4894-A257-039E192DF475" + } + ] + } + ] + } + ], "references": [ { - "url": "https://vorders.me/2019/03/05/semcms-vulnerablity-before-php-v3-7/#admin-upload-webshell-in-SEMCMS-Upfile-php", - "source": "cve@mitre.org" + "url": "https://github.com/advisories/GHSA-hg72-f8x2-chjh", + "source": "nvd@nist.gov", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36739.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36739.json index 6763a9140b9..2b68c741e90 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36739.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36739.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36739", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-01T04:15:10.330", - "lastModified": "2023-07-03T01:10:10.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:06:47.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,42 +46,89 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:slickremix:feed_them_social:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.8.7", + "matchCriteriaId": "1661552C-22B1-4EDD-92EA-E513E0DFE4D9" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Technical Description", + "Third Party Advisory" + ] }, { "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2369818%40feed-them-social&new=2369818%40feed-them-social&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1fcbe3d1-449c-4135-bbf5-9ea9236e5328?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-324xx/CVE-2021-32494.json b/CVE-2021/CVE-2021-324xx/CVE-2021-32494.json new file mode 100644 index 00000000000..2c15b533ae5 --- /dev/null +++ b/CVE-2021/CVE-2021-324xx/CVE-2021-32494.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-32494", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2023-07-07T19:15:09.507", + "lastModified": "2023-07-07T19:15:09.507", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://github.com/radareorg/radare2/issues/18667", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-324xx/CVE-2021-32495.json b/CVE-2021/CVE-2021-324xx/CVE-2021-32495.json new file mode 100644 index 00000000000..718556efc51 --- /dev/null +++ b/CVE-2021/CVE-2021-324xx/CVE-2021-32495.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-32495", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2023-07-07T19:15:09.600", + "lastModified": "2023-07-07T19:15:09.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://github.com/radareorg/radare2/issues/18666", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-326xx/CVE-2021-32648.json b/CVE-2021/CVE-2021-326xx/CVE-2021-32648.json index 956c0fd66f0..2a96643a717 100644 --- a/CVE-2021/CVE-2021-326xx/CVE-2021-32648.json +++ b/CVE-2021/CVE-2021-326xx/CVE-2021-32648.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32648", "sourceIdentifier": "security-advisories@github.com", "published": "2021-08-26T19:15:07.230", - "lastModified": "2022-07-02T20:00:40.427", + "lastModified": "2023-07-07T19:27:08.017", "vulnStatus": "Analyzed", "cisaExploitAdd": "2022-01-18", "cisaActionDue": "2022-02-01", @@ -94,7 +94,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-329xx/CVE-2021-32964.json b/CVE-2021/CVE-2021-329xx/CVE-2021-32964.json index 1a10f250e3f..b964355f637 100644 --- a/CVE-2021/CVE-2021-329xx/CVE-2021-32964.json +++ b/CVE-2021/CVE-2021-329xx/CVE-2021-32964.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32964", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2022-05-24T18:15:08.163", - "lastModified": "2022-06-07T20:57:17.260", + "lastModified": "2023-07-07T19:23:22.760", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "ics-cert@hq.dhs.gov", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-330xx/CVE-2021-33020.json b/CVE-2021/CVE-2021-330xx/CVE-2021-33020.json index 19efb8512ce..12bb535c091 100644 --- a/CVE-2021/CVE-2021-330xx/CVE-2021-33020.json +++ b/CVE-2021/CVE-2021-330xx/CVE-2021-33020.json @@ -2,7 +2,7 @@ "id": "CVE-2021-33020", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2022-04-01T23:15:10.193", - "lastModified": "2022-04-09T02:04:57.760", + "lastModified": "2023-07-07T19:06:26.740", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-311" + "value": "CWE-672" } ] }, diff --git a/CVE-2021/CVE-2021-337xx/CVE-2021-33796.json b/CVE-2021/CVE-2021-337xx/CVE-2021-33796.json new file mode 100644 index 00000000000..730dcbe482a --- /dev/null +++ b/CVE-2021/CVE-2021-337xx/CVE-2021-33796.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2021-33796", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2023-07-07T18:15:09.430", + "lastModified": "2023-07-07T18:15:09.430", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-337xx/CVE-2021-33798.json b/CVE-2021/CVE-2021-337xx/CVE-2021-33798.json new file mode 100644 index 00000000000..094aea12c4a --- /dev/null +++ b/CVE-2021/CVE-2021-337xx/CVE-2021-33798.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-33798", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2023-07-07T18:15:09.507", + "lastModified": "2023-07-07T18:15:09.507", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://sourceforge.net/p/panotools/libpano13/ci/62aa7eed8fae5d8f247a2508a757f31000de386f/", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-346xx/CVE-2021-34600.json b/CVE-2021/CVE-2021-346xx/CVE-2021-34600.json index fc9ce9c57cd..4b5351992f0 100644 --- a/CVE-2021/CVE-2021-346xx/CVE-2021-34600.json +++ b/CVE-2021/CVE-2021-346xx/CVE-2021-34600.json @@ -2,7 +2,7 @@ "id": "CVE-2021-34600", "sourceIdentifier": "info@cert.vde.com", "published": "2022-01-20T12:15:08.240", - "lastModified": "2022-09-10T02:40:16.327", + "lastModified": "2023-07-07T19:14:06.390", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,17 +85,17 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-338" + "value": "CWE-335" } ] }, { - "source": "nvd@nist.gov", + "source": "info@cert.vde.com", "type": "Secondary", "description": [ { diff --git a/CVE-2021/CVE-2021-347xx/CVE-2021-34735.json b/CVE-2021/CVE-2021-347xx/CVE-2021-34735.json index ebaad791a68..f1091bf0411 100644 --- a/CVE-2021/CVE-2021-347xx/CVE-2021-34735.json +++ b/CVE-2021/CVE-2021-347xx/CVE-2021-34735.json @@ -2,7 +2,7 @@ "id": "CVE-2021-34735", "sourceIdentifier": "ykramarz@cisco.com", "published": "2021-10-06T20:15:09.863", - "lastModified": "2021-10-14T20:54:17.860", + "lastModified": "2023-07-07T19:12:32.707", "vulnStatus": "Analyzed", "descriptions": [ { @@ -92,7 +92,7 @@ "description": [ { "lang": "en", - "value": "CWE-77" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-34xx/CVE-2021-3454.json b/CVE-2021/CVE-2021-34xx/CVE-2021-3454.json index d980028ebaf..b621f5ab662 100644 --- a/CVE-2021/CVE-2021-34xx/CVE-2021-3454.json +++ b/CVE-2021/CVE-2021-34xx/CVE-2021-3454.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3454", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2021-10-19T23:15:07.517", - "lastModified": "2021-10-26T17:24:48.947", + "lastModified": "2023-07-07T19:13:27.937", "vulnStatus": "Analyzed", "descriptions": [ { @@ -88,6 +88,10 @@ "source": "nvd@nist.gov", "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-617" + }, { "lang": "en", "value": "NVD-CWE-Other" diff --git a/CVE-2021/CVE-2021-34xx/CVE-2021-3493.json b/CVE-2021/CVE-2021-34xx/CVE-2021-3493.json index d412e8c59f5..b2b10e7837b 100644 --- a/CVE-2021/CVE-2021-34xx/CVE-2021-3493.json +++ b/CVE-2021/CVE-2021-34xx/CVE-2021-3493.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3493", "sourceIdentifier": "security@ubuntu.com", "published": "2021-04-17T05:15:14.630", - "lastModified": "2022-10-27T12:43:16.910", + "lastModified": "2023-07-07T19:10:36.743", "vulnStatus": "Analyzed", "cisaExploitAdd": "2022-10-20", "cisaActionDue": "2022-11-10", @@ -94,7 +94,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "CWE-863" } ] }, diff --git a/CVE-2021/CVE-2021-352xx/CVE-2021-35237.json b/CVE-2021/CVE-2021-352xx/CVE-2021-35237.json index 493185e8734..ba971b2d315 100644 --- a/CVE-2021/CVE-2021-352xx/CVE-2021-35237.json +++ b/CVE-2021/CVE-2021-352xx/CVE-2021-35237.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35237", "sourceIdentifier": "psirt@solarwinds.com", "published": "2021-10-29T14:15:07.607", - "lastModified": "2021-11-03T01:20:21.820", + "lastModified": "2023-07-07T19:27:36.727", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-1021" } ] }, diff --git a/CVE-2021/CVE-2021-352xx/CVE-2021-35246.json b/CVE-2021/CVE-2021-352xx/CVE-2021-35246.json index 39040b7e4f2..f83577206bf 100644 --- a/CVE-2021/CVE-2021-352xx/CVE-2021-35246.json +++ b/CVE-2021/CVE-2021-352xx/CVE-2021-35246.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35246", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-11-23T17:15:09.943", - "lastModified": "2022-11-28T18:12:16.820", + "lastModified": "2023-07-07T19:16:36.970", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-838" + "value": "CWE-319" } ] }, diff --git a/CVE-2021/CVE-2021-352xx/CVE-2021-35252.json b/CVE-2021/CVE-2021-352xx/CVE-2021-35252.json index 8ab757a0f16..87f8dae0dbc 100644 --- a/CVE-2021/CVE-2021-352xx/CVE-2021-35252.json +++ b/CVE-2021/CVE-2021-352xx/CVE-2021-35252.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35252", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-12-16T16:15:16.297", - "lastModified": "2022-12-20T17:58:26.627", + "lastModified": "2023-07-07T19:19:52.473", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-798" + "value": "CWE-287" } ] }, diff --git a/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json b/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json index 1af3f7f0987..94c2a91ac5f 100644 --- a/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json +++ b/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35991", "sourceIdentifier": "psirt@adobe.com", "published": "2021-08-20T19:15:10.263", - "lastModified": "2021-08-25T20:05:13.313", + "lastModified": "2023-07-07T19:25:15.007", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-35xx/CVE-2021-3567.json b/CVE-2021/CVE-2021-35xx/CVE-2021-3567.json index 1b943112140..7ab7eee0936 100644 --- a/CVE-2021/CVE-2021-35xx/CVE-2021-3567.json +++ b/CVE-2021/CVE-2021-35xx/CVE-2021-3567.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3567", "sourceIdentifier": "secalert@redhat.com", "published": "2022-03-25T19:15:09.067", - "lastModified": "2022-03-31T19:39:17.407", + "lastModified": "2023-07-07T19:21:55.477", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-787" } ] }, diff --git a/CVE-2021/CVE-2021-367xx/CVE-2021-36777.json b/CVE-2021/CVE-2021-367xx/CVE-2021-36777.json index 14666337fe6..1d27d69ca18 100644 --- a/CVE-2021/CVE-2021-367xx/CVE-2021-36777.json +++ b/CVE-2021/CVE-2021-367xx/CVE-2021-36777.json @@ -2,7 +2,7 @@ "id": "CVE-2021-36777", "sourceIdentifier": "meissner@suse.de", "published": "2022-03-09T17:15:09.787", - "lastModified": "2022-03-15T15:32:18.257", + "lastModified": "2023-07-07T19:21:26.557", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "meissner@suse.de", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "meissner@suse.de", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-36xx/CVE-2021-3669.json b/CVE-2021/CVE-2021-36xx/CVE-2021-3669.json index af1ff9046d1..c16583bf4e6 100644 --- a/CVE-2021/CVE-2021-36xx/CVE-2021-3669.json +++ b/CVE-2021/CVE-2021-36xx/CVE-2021-3669.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3669", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-26T16:15:09.273", - "lastModified": "2023-02-12T23:42:17.167", - "vulnStatus": "Modified", + "lastModified": "2023-07-07T19:16:17.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -40,17 +40,17 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-400" + "value": "CWE-770" } ] }, { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -354,6 +354,7 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473", "source": "secalert@redhat.com", "tags": [ + "Issue Tracking", "Permissions Required" ] }, diff --git a/CVE-2021/CVE-2021-36xx/CVE-2021-3690.json b/CVE-2021/CVE-2021-36xx/CVE-2021-3690.json index 78e193fe021..6b7bcf2b9fa 100644 --- a/CVE-2021/CVE-2021-36xx/CVE-2021-3690.json +++ b/CVE-2021/CVE-2021-36xx/CVE-2021-3690.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3690", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-23T16:15:09.450", - "lastModified": "2022-08-27T02:22:37.447", + "lastModified": "2023-07-07T19:23:39.667", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-400" + "value": "CWE-401" } ] }, diff --git a/CVE-2021/CVE-2021-37xx/CVE-2021-3716.json b/CVE-2021/CVE-2021-37xx/CVE-2021-3716.json index 05ea013d6bc..20656403de3 100644 --- a/CVE-2021/CVE-2021-37xx/CVE-2021-3716.json +++ b/CVE-2021/CVE-2021-37xx/CVE-2021-3716.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3716", "sourceIdentifier": "secalert@redhat.com", "published": "2022-03-02T23:15:09.013", - "lastModified": "2022-03-09T19:34:59.837", + "lastModified": "2023-07-07T19:27:45.270", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-924" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-37xx/CVE-2021-3765.json b/CVE-2021/CVE-2021-37xx/CVE-2021-3765.json index 6bff16e86c7..3553af2de02 100644 --- a/CVE-2021/CVE-2021-37xx/CVE-2021-3765.json +++ b/CVE-2021/CVE-2021-37xx/CVE-2021-3765.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3765", "sourceIdentifier": "security@huntr.dev", "published": "2021-11-02T07:15:07.280", - "lastModified": "2022-07-29T16:39:48.970", + "lastModified": "2023-07-07T19:27:40.960", "vulnStatus": "Analyzed", "descriptions": [ { @@ -92,7 +92,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-1333" } ] }, diff --git a/CVE-2021/CVE-2021-390xx/CVE-2021-39014.json b/CVE-2021/CVE-2021-390xx/CVE-2021-39014.json new file mode 100644 index 00000000000..a8bf6bca52c --- /dev/null +++ b/CVE-2021/CVE-2021-390xx/CVE-2021-39014.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-39014", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-07-07T19:15:09.667", + "lastModified": "2023-07-07T19:15:09.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Cloud Object System 3.15.8.97 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213650." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/213650", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6517124", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-41xx/CVE-2021-4105.json b/CVE-2021/CVE-2021-41xx/CVE-2021-4105.json index a2aab7d50e3..bd07f7aebdc 100644 --- a/CVE-2021/CVE-2021-41xx/CVE-2021-4105.json +++ b/CVE-2021/CVE-2021-41xx/CVE-2021-4105.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4105", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-02-24T12:15:30.127", - "lastModified": "2023-03-26T21:15:06.690", - "vulnStatus": "Modified", + "lastModified": "2023-07-07T19:20:19.577", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-755" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4388.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4388.json index afc90dcb14b..f408f1d3a5b 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4388.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4388.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4388", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-01T05:15:15.547", - "lastModified": "2023-07-03T01:10:10.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:18:25.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,20 +64,58 @@ "value": "CWE-862" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpopal:opal_estate:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.6.11", + "matchCriteriaId": "475FC3B2-6A28-48F1-8975-734362398BEF" + } + ] + } + ] } ], "references": [ { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/opal-estate/trunk/inc/ajax-functions.php#L177", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ce729a2-a106-45ab-b96c-cfe75246def7?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-447xx/CVE-2022-44719.json b/CVE-2022/CVE-2022-447xx/CVE-2022-44719.json index 6fdb79a5472..750c5097273 100644 --- a/CVE-2022/CVE-2022-447xx/CVE-2022-44719.json +++ b/CVE-2022/CVE-2022-447xx/CVE-2022-44719.json @@ -2,23 +2,95 @@ "id": "CVE-2022-44719", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T20:15:09.727", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:34:38.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ucopia:wireless_appliance_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "D6FDED24-0681-4295-A07A-011AF6B726E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ucopia:wireless_appliance:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB1C8FCD-6DE1-4356-B646-8A790A4B6DB2" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.ucopia.com/en/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-450xx/CVE-2022-45066.json b/CVE-2022/CVE-2022-450xx/CVE-2022-45066.json index a1c26a9e78f..f3e786450cd 100644 --- a/CVE-2022/CVE-2022-450xx/CVE-2022-45066.json +++ b/CVE-2022/CVE-2022-450xx/CVE-2022-45066.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45066", "sourceIdentifier": "audit@patchstack.com", "published": "2022-11-17T23:15:24.653", - "lastModified": "2022-11-18T19:32:55.797", + "lastModified": "2023-07-07T19:06:57.727", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-451xx/CVE-2022-45124.json b/CVE-2022/CVE-2022-451xx/CVE-2022-45124.json index 6c619b7ee3a..6c1b1a0f0d0 100644 --- a/CVE-2022/CVE-2022-451xx/CVE-2022-45124.json +++ b/CVE-2022/CVE-2022-451xx/CVE-2022-45124.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45124", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-03-20T21:15:10.647", - "lastModified": "2023-03-23T19:33:41.907", + "lastModified": "2023-07-07T19:00:09.987", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "talos-cna@cisco.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, + { + "source": "talos-cna@cisco.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-451xx/CVE-2022-45141.json b/CVE-2022/CVE-2022-451xx/CVE-2022-45141.json index 361460c9245..ffab5178022 100644 --- a/CVE-2022/CVE-2022-451xx/CVE-2022-45141.json +++ b/CVE-2022/CVE-2022-451xx/CVE-2022-45141.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45141", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-06T23:15:11.157", - "lastModified": "2023-03-13T18:05:10.707", + "lastModified": "2023-07-07T19:00:02.497", "vulnStatus": "Analyzed", "descriptions": [ { @@ -41,7 +41,7 @@ "description": [ { "lang": "en", - "value": "CWE-327" + "value": "CWE-326" } ] }, diff --git a/CVE-2022/CVE-2022-453xx/CVE-2022-45369.json b/CVE-2022/CVE-2022-453xx/CVE-2022-45369.json index 83cf6bd1457..197de6e683a 100644 --- a/CVE-2022/CVE-2022-453xx/CVE-2022-45369.json +++ b/CVE-2022/CVE-2022-453xx/CVE-2022-45369.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45369", "sourceIdentifier": "audit@patchstack.com", "published": "2022-11-18T23:15:30.023", - "lastModified": "2022-11-23T13:20:28.343", + "lastModified": "2023-07-07T19:07:03.447", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-453xx/CVE-2022-45392.json b/CVE-2022/CVE-2022-453xx/CVE-2022-45392.json index 127c4cc4aa5..7d21c71d007 100644 --- a/CVE-2022/CVE-2022-453xx/CVE-2022-45392.json +++ b/CVE-2022/CVE-2022-453xx/CVE-2022-45392.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45392", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-11-15T20:15:12.797", - "lastModified": "2022-11-18T04:49:17.423", + "lastModified": "2023-07-07T19:06:43.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, + { + "source": "jenkinsci-cert@googlegroups.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-454xx/CVE-2022-45440.json b/CVE-2022/CVE-2022-454xx/CVE-2022-45440.json index 2280994525a..c40b2a4ed51 100644 --- a/CVE-2022/CVE-2022-454xx/CVE-2022-45440.json +++ b/CVE-2022/CVE-2022-454xx/CVE-2022-45440.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45440", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-01-17T02:15:09.517", - "lastModified": "2023-01-25T15:07:42.860", + "lastModified": "2023-07-07T18:42:12.577", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-552" + "value": "CWE-59" } ] }, diff --git a/CVE-2022/CVE-2022-458xx/CVE-2022-45877.json b/CVE-2022/CVE-2022-458xx/CVE-2022-45877.json index 73556a86296..f2eac70be1a 100644 --- a/CVE-2022/CVE-2022-458xx/CVE-2022-45877.json +++ b/CVE-2022/CVE-2022-458xx/CVE-2022-45877.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45877", "sourceIdentifier": "scy@openharmony.io", "published": "2022-12-08T16:15:14.787", - "lastModified": "2022-12-12T17:51:49.953", + "lastModified": "2023-07-07T19:02:46.420", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-287" + "value": "CWE-319" } ] }, diff --git a/CVE-2022/CVE-2022-459xx/CVE-2022-45935.json b/CVE-2022/CVE-2022-459xx/CVE-2022-45935.json index 9f02fbd424f..95f8e089e9f 100644 --- a/CVE-2022/CVE-2022-459xx/CVE-2022-45935.json +++ b/CVE-2022/CVE-2022-459xx/CVE-2022-45935.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45935", "sourceIdentifier": "security@apache.org", "published": "2023-01-06T10:15:10.447", - "lastModified": "2023-01-18T20:29:52.617", + "lastModified": "2023-07-07T19:03:23.917", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,17 +36,17 @@ }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-319" + "value": "CWE-668" } ] }, { - "source": "nvd@nist.gov", + "source": "security@apache.org", "type": "Secondary", "description": [ { diff --git a/CVE-2022/CVE-2022-45xx/CVE-2022-4505.json b/CVE-2022/CVE-2022-45xx/CVE-2022-4505.json index beb4149f44a..91dcd9d4670 100644 --- a/CVE-2022/CVE-2022-45xx/CVE-2022-4505.json +++ b/CVE-2022/CVE-2022-45xx/CVE-2022-4505.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4505", "sourceIdentifier": "security@huntr.dev", "published": "2022-12-15T01:15:11.117", - "lastModified": "2022-12-16T15:10:15.400", + "lastModified": "2023-07-07T19:02:58.007", "vulnStatus": "Analyzed", "descriptions": [ { @@ -58,8 +58,18 @@ }, "weaknesses": [ { - "source": "security@huntr.dev", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, + { + "source": "security@huntr.dev", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46155.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46155.json index 952432f9f5d..430efca8115 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46155.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46155.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46155", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-29T23:15:10.473", - "lastModified": "2022-12-02T18:57:15.683", + "lastModified": "2023-07-07T19:04:35.733", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -89,22 +99,21 @@ "url": "https://github.com/Airtable/airtable.js/pull/330/commits/b468d8fe48d75e3d5fe46d0ea7770f4658951ed0", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/Airtable/airtable.js/releases/tag/v0.11.6", "source": "security-advisories@github.com", "tags": [ - "Third Party Advisory" + "Release Notes" ] }, { "url": "https://github.com/Airtable/airtable.js/security/advisories/GHSA-vqm5-9546-x25v", "source": "security-advisories@github.com", "tags": [ - "Third Party Advisory" + "Vendor Advisory" ] } ] diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46158.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46158.json index 0a9ec1c78bc..5cf1630ad46 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46158.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46158.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46158", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-08T22:15:10.640", - "lastModified": "2022-12-12T17:58:22.737", + "lastModified": "2023-07-07T19:02:52.417", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46161.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46161.json index 08a067fb434..8ea6ff05487 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46161.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46161.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46161", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-06T19:15:10.520", - "lastModified": "2022-12-08T18:04:31.920", + "lastModified": "2023-07-07T19:04:48.333", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46162.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46162.json index fc522ca49f3..6ad8a028b49 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46162.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46162.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46162", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-30T23:15:10.673", - "lastModified": "2022-12-02T16:36:09.930", + "lastModified": "2023-07-07T19:04:41.147", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -98,7 +108,7 @@ "source": "security-advisories@github.com", "tags": [ "Exploit", - "Third Party Advisory" + "Vendor Advisory" ] } ] diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46163.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46163.json index 4cbec9e2664..0e5fdb3938e 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46163.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46163.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46163", "sourceIdentifier": "security-advisories@github.com", "published": "2023-01-10T21:15:12.740", - "lastModified": "2023-01-20T17:55:36.943", + "lastModified": "2023-07-07T18:41:21.627", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-74" + "value": "CWE-89" } ] }, @@ -99,16 +99,14 @@ "url": "https://github.com/openSUSE/travel-support-program/commit/d22916275c51500b4004933ff1b0a69bc807b2b7", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/openSUSE/travel-support-program/pull/158", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { @@ -117,7 +115,7 @@ "tags": [ "Exploit", "Patch", - "Third Party Advisory" + "Vendor Advisory" ] } ] diff --git a/CVE-2022/CVE-2022-463xx/CVE-2022-46331.json b/CVE-2022/CVE-2022-463xx/CVE-2022-46331.json index 809b095a603..c20f9579188 100644 --- a/CVE-2022/CVE-2022-463xx/CVE-2022-46331.json +++ b/CVE-2022/CVE-2022-463xx/CVE-2022-46331.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46331", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-01-18T00:15:12.183", - "lastModified": "2023-01-25T16:42:53.860", + "lastModified": "2023-07-07T18:55:39.947", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "ics-cert@hq.dhs.gov", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json index 56e56a97712..62c922bbfaa 100644 --- a/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json +++ b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1298", "sourceIdentifier": "psirt@servicenow.com", "published": "2023-07-06T18:15:10.497", - "lastModified": "2023-07-07T12:50:30.110", + "lastModified": "2023-07-07T18:15:09.607", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,6 +50,10 @@ { "url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1310230", "source": "psirt@servicenow.com" + }, + { + "url": "https://www.linkedin.com/in/osamay/", + "source": "psirt@servicenow.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20006.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20006.json index c1e3b874860..f67837a0ca8 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20006.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20006.json @@ -2,8 +2,8 @@ "id": "CVE-2023-20006", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-06-28T15:15:09.387", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:46:53.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "ykramarz@cisco.com", @@ -35,6 +57,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-681" + } + ] + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -46,10 +78,82 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.16.4:*:*:*:*:*:*:*", + "matchCriteriaId": "23EBE390-A084-46FD-92A7-B16BDB16FDA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.18.2:*:*:*:*:*:*:*", + "matchCriteriaId": "1B0A8192-06BA-430B-BCBE-BBE7AF8500F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.18.2.5:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBBDF77-9367-4B18-B667-8D13AE87E52E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", + "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", + "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140" + } + ] + } + ] + } + ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6", - "source": "ykramarz@cisco.com" + "source": "ykramarz@cisco.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-261xx/CVE-2023-26135.json b/CVE-2023/CVE-2023-261xx/CVE-2023-26135.json index 973c6037002..a596896d264 100644 --- a/CVE-2023/CVE-2023-261xx/CVE-2023-26135.json +++ b/CVE-2023/CVE-2023-261xx/CVE-2023-26135.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26135", "sourceIdentifier": "report@snyk.io", "published": "2023-06-30T05:15:09.223", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:21:34.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -34,18 +54,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1321" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:flatnest_project:flatnest:*:*:*:*:*:node.js:*:*", + "matchCriteriaId": "D3FA7C3B-2840-4BCE-AE7D-52CD506B3347" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/brycebaril/node-flatnest/blob/b7d97ec64a04632378db87fcf3577bd51ac3ee39/nest.js%23L43", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/brycebaril/node-flatnest/issues/4", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Issue Tracking" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-JS-FLATNEST-3185149", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json index da134fb94bb..0b4bdbe5708 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26428", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.163", - "lastModified": "2023-06-22T15:15:10.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:27:11.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -46,22 +76,71 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.10.6", + "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndExcluding": "8.11.0", + "matchCriteriaId": "73183E5C-54B0-4426-BD3B-34C19BBDECEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*", + "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Jun/8", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json index 9084a3ea595..2be94e48961 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26429", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.230", - "lastModified": "2023-06-22T15:15:11.150", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:39:40.127", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -46,22 +76,71 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.10.6", + "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndExcluding": "8.11.0", + "matchCriteriaId": "73183E5C-54B0-4426-BD3B-34C19BBDECEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*", + "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Jun/8", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json index 2895fd15fba..d1488f03f4f 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26431", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.297", - "lastModified": "2023-06-22T15:15:11.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:40:28.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -46,22 +76,71 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.10.6", + "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndExcluding": "8.11.0", + "matchCriteriaId": "73183E5C-54B0-4426-BD3B-34C19BBDECEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*", + "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Jun/8", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28387.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28387.json index fa4dbed1ecb..02351b4aa32 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28387.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28387.json @@ -2,27 +2,95 @@ "id": "CVE-2023-28387", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-06-30T07:15:08.720", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:24:25.427", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\"NewsPicks\" App for Android versions 10.4.5 and earlier and \"NewsPicks\" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:uzabase:newspicks:*:*:*:*:*:iphone_os:*:*", + "versionEndIncluding": "10.4.2", + "matchCriteriaId": "8C92C0A8-F610-4037-904A-72A0EF590B6F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:uzabase:newspicks:*:*:*:*:*:android:*:*", + "versionEndIncluding": "10.4.5", + "matchCriteriaId": "3570C41E-46D1-47B4-AC43-A94BD24D4596" + } + ] + } + ] + } + ], "references": [ { "url": "https://apps.apple.com/us/app/%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%BA%E3%83%94%E3%83%83%E3%82%AF%E3%82%B9-%E3%83%93%E3%82%B8%E3%83%8D%E3%82%B9%E3%81%AB%E5%BD%B9%E7%AB%8B%E3%81%A4%E7%B5%8C%E6%B8%88%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%A2%E3%83%97%E3%83%AA/id640956497", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://jvn.jp/en/jp/JVN32739265/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://play.google.com/store/apps/details?id=com.newspicks", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3113.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3113.json index 038e160163a..01b88019e77 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3113.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3113.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3113", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-06-26T20:15:10.653", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:09:45.693", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-98715", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33190.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33190.json index a6949969c96..9cf4e83fadf 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33190.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33190.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33190", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-29T19:15:08.977", - "lastModified": "2023-06-30T14:15:09.353", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:09:23.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +76,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sealos_project:sealos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.1", + "matchCriteriaId": "8A9F01E6-2464-4BEF-A23E-3CE9C80B3B1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sealos_project:sealos:4.2.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "61221CF0-D75A-440C-BBED-E1DB510C637A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sealos_project:sealos:4.2.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "C490F686-57AB-4100-9117-18646A2B66C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sealos_project:sealos:4.2.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0CCEA7AE-9D3B-41CF-B215-CD38480822A0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/labring/sealos/commit/4cdf52e55666864e5f90ed502e9fc13e18985b7b", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/labring/sealos/security/advisories/GHSA-74j8-w7f9-pp62", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33276.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33276.json index 468c3873d9f..5524c9cea2c 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33276.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33276.json @@ -2,23 +2,99 @@ "id": "CVE-2023-33276", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T14:15:09.427", - "lastModified": "2023-06-30T15:29:21.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:39:53.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a \"404 - Not Found\" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gira:knx_ip_router_firmware:3.1.3683.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0D32F793-EB7B-405B-B256-5AEE5FAC03B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gira:knx_ip_router_firmware:3.3.8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7DE29350-C70D-4AFB-9727-8946759592C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gira:knx_ip_router:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D468470-3694-44BD-944C-77C1D63B64C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.syss.de/en/responsible-disclosure-policy", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-016.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json index fcefe81c598..ca80e7f97c5 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json @@ -2,19 +2,74 @@ "id": "CVE-2023-34648", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T03:15:09.423", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:36:09.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local attacker to execute arbitrary code via a crafted script to the signup.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:user_registration_\\&_login_and_user_management_system_with_admin_panel_project:user_registration_\\&_login_and_user_management_system_with_admin_panel:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D86864F2-6132-4867-BD5F-481D8559044D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ckalnarayan/Common-Vulnerabilities-and-Exposures/blob/main/CVE-2023-34648", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3464.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3464.json index 6bdb95003eb..d2588358e34 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3464.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3464.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3464", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-29T21:15:09.977", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:46:28.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simplephpscripts:classified_ads_script_php:1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "85CB90EE-417B-40A2-8A9C-85E6D305BADE" + } + ] + } + ] + } + ], "references": [ { "url": "https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://vuldb.com/?ctiid.232710", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.232710", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3465.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3465.json index ef557ceccb0..be3299f8876 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3465.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3465.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3465", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-29T21:15:10.047", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:45:16.383", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simplephpscripts:classified_ads_script_php:1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "85CB90EE-417B-40A2-8A9C-85E6D305BADE" + } + ] + } + ] + } + ], "references": [ { "url": "https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Not Applicable" + ] }, { "url": "https://vuldb.com/?ctiid.232711", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.232711", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3478.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3478.json index 63570f31c9c..27a690e8944 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3478.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3478.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3478", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T12:15:09.250", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:52:16.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,57 @@ "value": "CWE-89" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*", + "matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/ShuangbiaoDai/CVE/blob/main/ibos%20oa.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.232759", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232759", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35175.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35175.json index 460cd9614c5..38371c0fc58 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35175.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35175.json @@ -2,19 +2,1123 @@ "id": "CVE-2023-35175", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-06-30T16:15:09.643", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:38:58.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a75a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C7C39CC4-84AF-4C3D-A685-597D248DAE7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a75a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C166EDB7-C8D9-45C1-B2E1-C147EAF14AE3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a76a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA76D7C6-A648-46AB-B1D3-69258AD48E36" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a76a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9B6E5E81-C1E7-4917-9CE5-3175618C4F77" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a77a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5EA8D845-7505-473E-9E54-CD0EAA464F63" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a77a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22493ED0-0190-4620-A566-40C547FC2A2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a78a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "FAECAE2F-2193-45D8-80B9-C892012B569A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a78a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96DE9C68-BC55-4E46-A6AA-45D73CFB8DAE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a79a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BA4A7C61-F02D-497A-86AC-7C67B0806416" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a79a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6AC5824A-1DE4-4DFB-A958-A26E7B844089" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a80a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "A75BEC9A-F339-4B83-B798-3ED3EC94D86F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a80a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46815386-E459-4DC6-AB89-C4524B6A830D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a81a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "689F72B7-989A-42D9-BEAB-F46AB8D1D277" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a81a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09ED8341-574A-4E0C-A4CF-6A44A48488F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a82a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E31A3EE6-6A7A-4618-A311-EFE5BFE33434" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a82a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "708706C7-8E8B-456C-AFD1-36DFAB088A85" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y40a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "89D82CBD-7EF8-4CB3-B51D-77EB0D6E88C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y40a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0B8FCC1-8C4D-4CF4-A544-185FC15CC720" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y41a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "21A9019D-074C-43A2-AD2D-EFFF48862547" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y41a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B3DDD9A-8D86-4FB2-9508-BB8B21EF054B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y43a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6A7D0B6B-CA49-4ED4-8B50-B3FA4732B457" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y43a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A1A6F50-AE27-45E7-98B0-9804D64188D3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y44a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "D72B68B4-4105-4DAF-B9FD-151680B04F53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y44a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "80727AC4-3B6A-4EB4-93E4-1E73D199F949" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y45a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "108018F4-5245-47F2-911E-7FEDACAAD83D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y45a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4135473E-5D1D-4C4F-8FFD-C2AB797C1ECA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA5C974B-501C-41A5-93E3-461EB87DF1CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC8133D0-14BF-404C-81D1-EA5BC0FDF0A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "2CB15F43-BF65-400E-97EA-8FF3F17BE13A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8B26BEA-03DD-41E0-9356-2043FF471D30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "368F419C-2015-4F2D-8319-E824E862F451" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2824878B-A718-4D7D-9016-9AF10399BDBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AF605077-AFE5-4A12-B825-96C6AE14C40A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9BA0AD5B-9E7C-49BE-8190-282427E10EE2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a48a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "60EBB6BC-5242-42E8-936B-82A88CED54E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a48a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "412C00A8-50D7-4638-B1B9-C2076FE13C1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a66a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "14DF4CF7-E3A3-4CC6-A6AE-17CB05EFC0DF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a66a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DA51BE0-E2AE-441F-9ACA-3EB5A2D243DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_93m22a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6D814D23-DCA7-4009-B373-7CBC70B48806" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_93m22a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F66723-5A58-4612-97DE-2E82ED85494D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a51a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BC3C5B44-54F8-46D2-BB7D-0A7ECE5986C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a51a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A6449B5-AAEE-4BDF-A0F0-76A622043C4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a52a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "906C2558-D918-4963-8710-0FEE8EBECCF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a52a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D8BF1464-C84D-4C5E-A7DE-6CBEBB2F54F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a53a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E5555617-A379-41EE-A755-2AF476066068" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a53a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE480BFD-5423-46EA-A6F2-45C1143E3183" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a56a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5DDDE42C-E3F0-4EF8-AE19-814689650E7E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a56a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1EB49BED-289D-4663-B019-985D608337F3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a57a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9C337DD9-EC65-4E4A-ACD8-EC72D6F0D9A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a57a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F417CE57-3FAD-4084-BF42-ED65D7E5EDF6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a58a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "48468CDB-44F4-45AB-BAF9-66E8E09B088E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a58a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FE682C6-30C8-42D3-8F67-141DF64E9B0D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a59a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6379C0B4-6D98-4B44-BB2C-FB2EB4A16134" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a59a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54844167-292B-42A1-BEEA-CB2F4524B4FC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a60a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "DB106ED1-512D-464F-A04E-52F4F8CC2566" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a60a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B8E6F09-0BE0-4BB9-9539-86B822B49387" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a63a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "4E8B56BF-42D4-49DC-9955-4B0C5324E9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a63a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "926EA9D9-83E0-4AA6-BAAA-31C713475473" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a29a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C46B4162-54C1-4D3C-8E48-336AE1DE35E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a29a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "68CA3AEE-A266-42BE-829A-B02A1A9D1711" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a30a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "66FD8474-F76F-40E3-BA4E-C5DFEC1B1D93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a30a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A21CFFF-B613-49AF-9063-E3B96BFD7207" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a32a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5F5D2951-EDE1-422E-9A77-FB059F6DA136" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a32a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E476813-B37C-4B81-8C92-E437055444FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a34a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28D7E106-1F17-4D41-B895-8851DA46C076" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a34a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57DA0387-AC56-4510-B170-D854E441FCE9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a35a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "0B4E8F3E-1E11-4D7B-B101-E26E874C1EAC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a35a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AB52262-C2B3-4B1E-AD48-6EE3DF9E3950" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a38a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "405EAE48-AD27-4C3F-A837-E3D87296C2DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a38a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEB847F0-D15E-409C-B82E-339FBF07AC7A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a28a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "936F4397-AC8C-4B10-8E33-D0D8334C42D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a28a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C00A9FF2-35EA-4B6F-8926-4BC79505A7B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a31a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9E4FC4D5-1339-4331-9BBD-E1C00D9C9C4F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a31a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D9AFC01-5C53-4F31-9A3C-A891BC9745EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a33a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28411EED-8BAA-4A7E-9B9F-DB6D9354CD95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a33a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA0578BA-4277-4A04-ABA2-CB4A6F575B83" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851", - "source": "hp-security-alert@hp.com" + "source": "hp-security-alert@hp.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35176.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35176.json index dcf5f9b52a9..65f4be31b77 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35176.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35176.json @@ -2,19 +2,1123 @@ "id": "CVE-2023-35176", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-06-30T16:15:09.687", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:38:36.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a75a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C7C39CC4-84AF-4C3D-A685-597D248DAE7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a75a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C166EDB7-C8D9-45C1-B2E1-C147EAF14AE3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a76a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA76D7C6-A648-46AB-B1D3-69258AD48E36" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a76a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9B6E5E81-C1E7-4917-9CE5-3175618C4F77" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a77a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5EA8D845-7505-473E-9E54-CD0EAA464F63" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a77a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22493ED0-0190-4620-A566-40C547FC2A2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a78a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "FAECAE2F-2193-45D8-80B9-C892012B569A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a78a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96DE9C68-BC55-4E46-A6AA-45D73CFB8DAE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a79a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BA4A7C61-F02D-497A-86AC-7C67B0806416" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a79a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6AC5824A-1DE4-4DFB-A958-A26E7B844089" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a80a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "A75BEC9A-F339-4B83-B798-3ED3EC94D86F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a80a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46815386-E459-4DC6-AB89-C4524B6A830D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a81a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "689F72B7-989A-42D9-BEAB-F46AB8D1D277" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a81a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09ED8341-574A-4E0C-A4CF-6A44A48488F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a82a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E31A3EE6-6A7A-4618-A311-EFE5BFE33434" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a82a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "708706C7-8E8B-456C-AFD1-36DFAB088A85" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y40a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "89D82CBD-7EF8-4CB3-B51D-77EB0D6E88C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y40a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0B8FCC1-8C4D-4CF4-A544-185FC15CC720" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y41a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "21A9019D-074C-43A2-AD2D-EFFF48862547" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y41a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B3DDD9A-8D86-4FB2-9508-BB8B21EF054B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y43a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6A7D0B6B-CA49-4ED4-8B50-B3FA4732B457" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y43a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A1A6F50-AE27-45E7-98B0-9804D64188D3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y44a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "D72B68B4-4105-4DAF-B9FD-151680B04F53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y44a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "80727AC4-3B6A-4EB4-93E4-1E73D199F949" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y45a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "108018F4-5245-47F2-911E-7FEDACAAD83D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y45a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4135473E-5D1D-4C4F-8FFD-C2AB797C1ECA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA5C974B-501C-41A5-93E3-461EB87DF1CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC8133D0-14BF-404C-81D1-EA5BC0FDF0A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "2CB15F43-BF65-400E-97EA-8FF3F17BE13A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8B26BEA-03DD-41E0-9356-2043FF471D30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "368F419C-2015-4F2D-8319-E824E862F451" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2824878B-A718-4D7D-9016-9AF10399BDBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AF605077-AFE5-4A12-B825-96C6AE14C40A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9BA0AD5B-9E7C-49BE-8190-282427E10EE2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a48a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "60EBB6BC-5242-42E8-936B-82A88CED54E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a48a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "412C00A8-50D7-4638-B1B9-C2076FE13C1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a66a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "14DF4CF7-E3A3-4CC6-A6AE-17CB05EFC0DF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a66a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DA51BE0-E2AE-441F-9ACA-3EB5A2D243DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_93m22a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6D814D23-DCA7-4009-B373-7CBC70B48806" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_93m22a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F66723-5A58-4612-97DE-2E82ED85494D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a51a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BC3C5B44-54F8-46D2-BB7D-0A7ECE5986C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a51a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A6449B5-AAEE-4BDF-A0F0-76A622043C4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a52a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "906C2558-D918-4963-8710-0FEE8EBECCF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a52a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D8BF1464-C84D-4C5E-A7DE-6CBEBB2F54F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a53a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E5555617-A379-41EE-A755-2AF476066068" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a53a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE480BFD-5423-46EA-A6F2-45C1143E3183" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a56a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5DDDE42C-E3F0-4EF8-AE19-814689650E7E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a56a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1EB49BED-289D-4663-B019-985D608337F3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a57a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9C337DD9-EC65-4E4A-ACD8-EC72D6F0D9A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a57a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F417CE57-3FAD-4084-BF42-ED65D7E5EDF6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a58a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "48468CDB-44F4-45AB-BAF9-66E8E09B088E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a58a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FE682C6-30C8-42D3-8F67-141DF64E9B0D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a59a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6379C0B4-6D98-4B44-BB2C-FB2EB4A16134" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a59a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54844167-292B-42A1-BEEA-CB2F4524B4FC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a60a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "DB106ED1-512D-464F-A04E-52F4F8CC2566" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a60a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B8E6F09-0BE0-4BB9-9539-86B822B49387" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a63a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "4E8B56BF-42D4-49DC-9955-4B0C5324E9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a63a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "926EA9D9-83E0-4AA6-BAAA-31C713475473" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a29a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C46B4162-54C1-4D3C-8E48-336AE1DE35E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a29a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "68CA3AEE-A266-42BE-829A-B02A1A9D1711" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a30a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "66FD8474-F76F-40E3-BA4E-C5DFEC1B1D93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a30a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A21CFFF-B613-49AF-9063-E3B96BFD7207" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a32a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5F5D2951-EDE1-422E-9A77-FB059F6DA136" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a32a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E476813-B37C-4B81-8C92-E437055444FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a34a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28D7E106-1F17-4D41-B895-8851DA46C076" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a34a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57DA0387-AC56-4510-B170-D854E441FCE9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a35a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "0B4E8F3E-1E11-4D7B-B101-E26E874C1EAC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a35a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AB52262-C2B3-4B1E-AD48-6EE3DF9E3950" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a38a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "405EAE48-AD27-4C3F-A837-E3D87296C2DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a38a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEB847F0-D15E-409C-B82E-339FBF07AC7A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a28a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "936F4397-AC8C-4B10-8E33-D0D8334C42D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a28a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C00A9FF2-35EA-4B6F-8926-4BC79505A7B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a31a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9E4FC4D5-1339-4331-9BBD-E1C00D9C9C4F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a31a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D9AFC01-5C53-4F31-9A3C-A891BC9745EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a33a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28411EED-8BAA-4A7E-9B9F-DB6D9354CD95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a33a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA0578BA-4277-4A04-ABA2-CB4A6F575B83" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852", - "source": "hp-security-alert@hp.com" + "source": "hp-security-alert@hp.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35177.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35177.json index 9e548a96fc3..223c3c40824 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35177.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35177.json @@ -2,19 +2,1123 @@ "id": "CVE-2023-35177", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-06-30T16:15:09.737", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:37:42.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a75a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C7C39CC4-84AF-4C3D-A685-597D248DAE7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a75a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C166EDB7-C8D9-45C1-B2E1-C147EAF14AE3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a76a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA76D7C6-A648-46AB-B1D3-69258AD48E36" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a76a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9B6E5E81-C1E7-4917-9CE5-3175618C4F77" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a77a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5EA8D845-7505-473E-9E54-CD0EAA464F63" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a77a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22493ED0-0190-4620-A566-40C547FC2A2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a78a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "FAECAE2F-2193-45D8-80B9-C892012B569A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a78a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96DE9C68-BC55-4E46-A6AA-45D73CFB8DAE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a79a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BA4A7C61-F02D-497A-86AC-7C67B0806416" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a79a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6AC5824A-1DE4-4DFB-A958-A26E7B844089" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a80a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "A75BEC9A-F339-4B83-B798-3ED3EC94D86F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a80a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46815386-E459-4DC6-AB89-C4524B6A830D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a81a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "689F72B7-989A-42D9-BEAB-F46AB8D1D277" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a81a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09ED8341-574A-4E0C-A4CF-6A44A48488F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a82a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E31A3EE6-6A7A-4618-A311-EFE5BFE33434" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a82a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "708706C7-8E8B-456C-AFD1-36DFAB088A85" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y40a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "89D82CBD-7EF8-4CB3-B51D-77EB0D6E88C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y40a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0B8FCC1-8C4D-4CF4-A544-185FC15CC720" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y41a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "21A9019D-074C-43A2-AD2D-EFFF48862547" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y41a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B3DDD9A-8D86-4FB2-9508-BB8B21EF054B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y43a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6A7D0B6B-CA49-4ED4-8B50-B3FA4732B457" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y43a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A1A6F50-AE27-45E7-98B0-9804D64188D3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y44a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "D72B68B4-4105-4DAF-B9FD-151680B04F53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y44a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "80727AC4-3B6A-4EB4-93E4-1E73D199F949" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y45a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "108018F4-5245-47F2-911E-7FEDACAAD83D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y45a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4135473E-5D1D-4C4F-8FFD-C2AB797C1ECA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA5C974B-501C-41A5-93E3-461EB87DF1CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC8133D0-14BF-404C-81D1-EA5BC0FDF0A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "2CB15F43-BF65-400E-97EA-8FF3F17BE13A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8B26BEA-03DD-41E0-9356-2043FF471D30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "368F419C-2015-4F2D-8319-E824E862F451" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2824878B-A718-4D7D-9016-9AF10399BDBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AF605077-AFE5-4A12-B825-96C6AE14C40A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9BA0AD5B-9E7C-49BE-8190-282427E10EE2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a48a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "60EBB6BC-5242-42E8-936B-82A88CED54E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a48a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "412C00A8-50D7-4638-B1B9-C2076FE13C1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a66a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "14DF4CF7-E3A3-4CC6-A6AE-17CB05EFC0DF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a66a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DA51BE0-E2AE-441F-9ACA-3EB5A2D243DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_93m22a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6D814D23-DCA7-4009-B373-7CBC70B48806" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_93m22a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F66723-5A58-4612-97DE-2E82ED85494D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a51a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BC3C5B44-54F8-46D2-BB7D-0A7ECE5986C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a51a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A6449B5-AAEE-4BDF-A0F0-76A622043C4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a52a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "906C2558-D918-4963-8710-0FEE8EBECCF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a52a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D8BF1464-C84D-4C5E-A7DE-6CBEBB2F54F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a53a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E5555617-A379-41EE-A755-2AF476066068" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a53a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE480BFD-5423-46EA-A6F2-45C1143E3183" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a56a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5DDDE42C-E3F0-4EF8-AE19-814689650E7E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a56a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1EB49BED-289D-4663-B019-985D608337F3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a57a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9C337DD9-EC65-4E4A-ACD8-EC72D6F0D9A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a57a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F417CE57-3FAD-4084-BF42-ED65D7E5EDF6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a58a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "48468CDB-44F4-45AB-BAF9-66E8E09B088E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a58a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FE682C6-30C8-42D3-8F67-141DF64E9B0D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a59a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6379C0B4-6D98-4B44-BB2C-FB2EB4A16134" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a59a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54844167-292B-42A1-BEEA-CB2F4524B4FC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a60a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "DB106ED1-512D-464F-A04E-52F4F8CC2566" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a60a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B8E6F09-0BE0-4BB9-9539-86B822B49387" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a63a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "4E8B56BF-42D4-49DC-9955-4B0C5324E9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a63a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "926EA9D9-83E0-4AA6-BAAA-31C713475473" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a29a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C46B4162-54C1-4D3C-8E48-336AE1DE35E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a29a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "68CA3AEE-A266-42BE-829A-B02A1A9D1711" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a30a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "66FD8474-F76F-40E3-BA4E-C5DFEC1B1D93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a30a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A21CFFF-B613-49AF-9063-E3B96BFD7207" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a32a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5F5D2951-EDE1-422E-9A77-FB059F6DA136" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a32a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E476813-B37C-4B81-8C92-E437055444FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a34a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28D7E106-1F17-4D41-B895-8851DA46C076" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a34a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57DA0387-AC56-4510-B170-D854E441FCE9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a35a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "0B4E8F3E-1E11-4D7B-B101-E26E874C1EAC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a35a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AB52262-C2B3-4B1E-AD48-6EE3DF9E3950" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a38a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "405EAE48-AD27-4C3F-A837-E3D87296C2DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a38a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEB847F0-D15E-409C-B82E-339FBF07AC7A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a28a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "936F4397-AC8C-4B10-8E33-D0D8334C42D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a28a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C00A9FF2-35EA-4B6F-8926-4BC79505A7B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a31a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9E4FC4D5-1339-4331-9BBD-E1C00D9C9C4F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a31a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D9AFC01-5C53-4F31-9A3C-A891BC9745EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a33a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28411EED-8BAA-4A7E-9B9F-DB6D9354CD95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a33a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA0578BA-4277-4A04-ABA2-CB4A6F575B83" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853", - "source": "hp-security-alert@hp.com" + "source": "hp-security-alert@hp.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35178.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35178.json index 7c04ae56057..f7cdb4c0d94 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35178.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35178.json @@ -2,19 +2,1123 @@ "id": "CVE-2023-35178", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-06-30T16:15:09.787", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:37:18.853", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a75a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C7C39CC4-84AF-4C3D-A685-597D248DAE7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a75a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C166EDB7-C8D9-45C1-B2E1-C147EAF14AE3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a76a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA76D7C6-A648-46AB-B1D3-69258AD48E36" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a76a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9B6E5E81-C1E7-4917-9CE5-3175618C4F77" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a77a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5EA8D845-7505-473E-9E54-CD0EAA464F63" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a77a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22493ED0-0190-4620-A566-40C547FC2A2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a78a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "FAECAE2F-2193-45D8-80B9-C892012B569A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a78a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96DE9C68-BC55-4E46-A6AA-45D73CFB8DAE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a79a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BA4A7C61-F02D-497A-86AC-7C67B0806416" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a79a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6AC5824A-1DE4-4DFB-A958-A26E7B844089" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a80a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "A75BEC9A-F339-4B83-B798-3ED3EC94D86F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a80a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46815386-E459-4DC6-AB89-C4524B6A830D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a81a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "689F72B7-989A-42D9-BEAB-F46AB8D1D277" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a81a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09ED8341-574A-4E0C-A4CF-6A44A48488F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m478-m479_w1a82a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E31A3EE6-6A7A-4618-A311-EFE5BFE33434" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m478-m479_w1a82a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "708706C7-8E8B-456C-AFD1-36DFAB088A85" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y40a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "89D82CBD-7EF8-4CB3-B51D-77EB0D6E88C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y40a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0B8FCC1-8C4D-4CF4-A544-185FC15CC720" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y41a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "21A9019D-074C-43A2-AD2D-EFFF48862547" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y41a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B3DDD9A-8D86-4FB2-9508-BB8B21EF054B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y43a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6A7D0B6B-CA49-4ED4-8B50-B3FA4732B457" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y43a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A1A6F50-AE27-45E7-98B0-9804D64188D3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y44a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "D72B68B4-4105-4DAF-B9FD-151680B04F53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y44a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "80727AC4-3B6A-4EB4-93E4-1E73D199F949" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y45a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "108018F4-5245-47F2-911E-7FEDACAAD83D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y45a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4135473E-5D1D-4C4F-8FFD-C2AB797C1ECA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AA5C974B-501C-41A5-93E3-461EB87DF1CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC8133D0-14BF-404C-81D1-EA5BC0FDF0A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m453-m454_w1y47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "2CB15F43-BF65-400E-97EA-8FF3F17BE13A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m453-m454_w1y47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8B26BEA-03DD-41E0-9356-2043FF471D30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a46a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "368F419C-2015-4F2D-8319-E824E862F451" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a46a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2824878B-A718-4D7D-9016-9AF10399BDBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a47a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "AF605077-AFE5-4A12-B825-96C6AE14C40A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a47a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9BA0AD5B-9E7C-49BE-8190-282427E10EE2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a48a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "60EBB6BC-5242-42E8-936B-82A88CED54E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a48a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "412C00A8-50D7-4638-B1B9-C2076FE13C1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m304-m305_w1a66a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "14DF4CF7-E3A3-4CC6-A6AE-17CB05EFC0DF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m304-m305_w1a66a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DA51BE0-E2AE-441F-9ACA-3EB5A2D243DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_93m22a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6D814D23-DCA7-4009-B373-7CBC70B48806" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_93m22a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F66723-5A58-4612-97DE-2E82ED85494D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a51a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "BC3C5B44-54F8-46D2-BB7D-0A7ECE5986C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a51a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A6449B5-AAEE-4BDF-A0F0-76A622043C4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a52a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "906C2558-D918-4963-8710-0FEE8EBECCF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a52a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D8BF1464-C84D-4C5E-A7DE-6CBEBB2F54F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a53a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "E5555617-A379-41EE-A755-2AF476066068" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a53a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE480BFD-5423-46EA-A6F2-45C1143E3183" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a56a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5DDDE42C-E3F0-4EF8-AE19-814689650E7E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a56a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1EB49BED-289D-4663-B019-985D608337F3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a57a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9C337DD9-EC65-4E4A-ACD8-EC72D6F0D9A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a57a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F417CE57-3FAD-4084-BF42-ED65D7E5EDF6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a58a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "48468CDB-44F4-45AB-BAF9-66E8E09B088E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a58a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FE682C6-30C8-42D3-8F67-141DF64E9B0D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a59a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "6379C0B4-6D98-4B44-BB2C-FB2EB4A16134" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a59a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54844167-292B-42A1-BEEA-CB2F4524B4FC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a60a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "DB106ED1-512D-464F-A04E-52F4F8CC2566" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a60a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B8E6F09-0BE0-4BB9-9539-86B822B49387" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_m404-m405_w1a63a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "4E8B56BF-42D4-49DC-9955-4B0C5324E9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_m404-m405_w1a63a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "926EA9D9-83E0-4AA6-BAAA-31C713475473" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a29a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "C46B4162-54C1-4D3C-8E48-336AE1DE35E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a29a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "68CA3AEE-A266-42BE-829A-B02A1A9D1711" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a30a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "66FD8474-F76F-40E3-BA4E-C5DFEC1B1D93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a30a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A21CFFF-B613-49AF-9063-E3B96BFD7207" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a32a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "5F5D2951-EDE1-422E-9A77-FB059F6DA136" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a32a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E476813-B37C-4B81-8C92-E437055444FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a34a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28D7E106-1F17-4D41-B895-8851DA46C076" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a34a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57DA0387-AC56-4510-B170-D854E441FCE9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a35a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "0B4E8F3E-1E11-4D7B-B101-E26E874C1EAC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a35a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AB52262-C2B3-4B1E-AD48-6EE3DF9E3950" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_f_w1a38a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "405EAE48-AD27-4C3F-A837-E3D87296C2DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_f_w1a38a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEB847F0-D15E-409C-B82E-339FBF07AC7A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a28a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "936F4397-AC8C-4B10-8E33-D0D8334C42D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a28a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C00A9FF2-35EA-4B6F-8926-4BC79505A7B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a31a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "9E4FC4D5-1339-4331-9BBD-E1C00D9C9C4F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a31a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D9AFC01-5C53-4F31-9A3C-A891BC9745EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:laserjet_pro_mfp_m428-m429_w1a33a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "002_2322c", + "matchCriteriaId": "28411EED-8BAA-4A7E-9B9F-DB6D9354CD95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:laserjet_pro_mfp_m428-m429_w1a33a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA0578BA-4277-4A04-ABA2-CB4A6F575B83" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854", - "source": "hp-security-alert@hp.com" + "source": "hp-security-alert@hp.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36146.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36146.json index 64ea7e7d664..ef9243746dd 100644 --- a/CVE-2023/CVE-2023-361xx/CVE-2023-36146.json +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36146.json @@ -2,23 +2,87 @@ "id": "CVE-2023-36146", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T01:15:08.823", - "lastModified": "2023-06-30T12:59:58.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:48:07.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re170_firmware:2.2.6733:*:*:*:*:*:*:*", + "matchCriteriaId": "D34F8548-AFE8-44AC-8ED9-5D9A45A65A67" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:multilaser:re170:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B4126733-9C90-494A-9E89-22741DBB84E9" + } + ] + } + ] + } + ], "references": [ - { - "url": "http://multilaser.com", - "source": "cve@mitre.org" - }, { "url": "https://github.com/leonardobg/CVE-2023-36146/#readme", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36256.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36256.json new file mode 100644 index 00000000000..c2c8696169c --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36256.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36256", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-07T18:15:09.693", + "lastModified": "2023-07-07T18:15:09.693", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Online Examination System Project 1.0 version is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin's consent. The email of the user to be deleted is passed as a parameter in the URL, which can be manipulated by the attacker. This could result in a loss of data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/51511", + "source": "cve@mitre.org" + }, + { + "url": "https://www.hackersnotes.com/blog/pentest/online-examination-system-project-1-0-cross-site-request-forgery-csrf/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json index 70bc9afc3d2..05f5dc69dcd 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json @@ -2,23 +2,82 @@ "id": "CVE-2023-36347", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T02:15:09.347", - "lastModified": "2023-06-30T12:59:58.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:05:16.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "3758E95F-5488-495B-846D-3ADDB6E6B338" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.youtube.com/watch?v=7qaIeE2cyO4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36607.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36607.json index a8ec4d26602..f69cbff5cdf 100644 --- a/CVE-2023/CVE-2023-366xx/CVE-2023-36607.json +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36607.json @@ -2,15 +2,38 @@ "id": "CVE-2023-36607", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-06-29T21:15:09.917", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:43:19.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents.\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "ics-cert@hq.dhs.gov", @@ -23,10 +46,157 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.50.598", + "matchCriteriaId": "72CE5CAF-635F-4B1E-9440-3F745BA4A8BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0746C27E-6100-430A-8005-F71C8D24E827" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.50.598", + "matchCriteriaId": "EC6FAD9F-D3BE-4E69-A2EE-D08494FC5866" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1753583A-93AC-4DBE-8E2C-A4816B8D1D11" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ovarro:tbox_lt2_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.50.598", + "matchCriteriaId": "659B7A35-F886-44E9-9E1B-550B50F3C0F5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ovarro:tbox_lt2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AACB5343-6982-4BC9-8173-E62160DF4595" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ovarro:tbox_tg2_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.50.598", + "matchCriteriaId": "54A1620A-B664-4D8F-A34F-B6E07CC5BE33" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "551340E5-D721-40F1-8D14-CBF87A68BFB3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ovarro:tbox_rm2_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.50.598", + "matchCriteriaId": "DD6F3E7D-E5E9-44E1-B066-5D6382C30D2E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F73C576F-9BAB-4C8E-9B47-9C930B67C910" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Mitigation", + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36992.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36992.json new file mode 100644 index 00000000000..f566df8b78b --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36992.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36992", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-07T19:15:09.770", + "lastModified": "2023-07-07T19:15:09.770", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bramdoessecurity.com/travianz-hacked/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36993.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36993.json new file mode 100644 index 00000000000..616ccf49533 --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36993.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36993", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-07T19:15:09.827", + "lastModified": "2023-07-07T19:15:09.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bramdoessecurity.com/travianz-hacked/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36994.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36994.json new file mode 100644 index 00000000000..7610f7a790f --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36994.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36994", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-07T19:15:09.897", + "lastModified": "2023-07-07T19:15:09.897", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bramdoessecurity.com/travianz-hacked/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37301.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37301.json index 9cc5de60ff1..dc74643eaf8 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37301.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37301.json @@ -2,23 +2,85 @@ "id": "CVE-2023-37301", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T17:15:09.527", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:26:42.243", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/933663", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://phabricator.wikimedia.org/T250720", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37303.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37303.json index eb65f202926..10686d4f560 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37303.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37303.json @@ -2,23 +2,85 @@ "id": "CVE-2023-37303", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T17:15:09.617", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:25:58.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain situations, an attempt to block a user fails after a temporary browser hang and a DBQueryDisconnectedError error message." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://gerrit.wikimedia.org/r/q/I10a9273c542576b3f7bb38de68dcd2aa41cfb1b0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://phabricator.wikimedia.org/T338276", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37305.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37305.json index 55777ce9e12..b8074fbfdd4 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37305.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37305.json @@ -2,23 +2,85 @@ "id": "CVE-2023-37305", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T17:15:09.707", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T18:24:43.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://gerrit.wikimedia.org/r/q/Ibe5f8e25dea155bbd811a65833394c0d4b906a34", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://phabricator.wikimedia.org/T326952", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37306.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37306.json index 27609e4c11d..3f5300024fb 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37306.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37306.json @@ -2,23 +2,82 @@ "id": "CVE-2023-37306", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T17:15:09.757", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:00:31.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:misp-project:malware_information_sharing_platform:2.4.172:*:*:*:*:*:*:*", + "matchCriteriaId": "08CB9C04-9845-4D45-B9A3-D473B10E5E0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/MISP/MISP/commit/f125630c1c2d0f5d11079d3653ab7bb2ab5cd908", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://www.synacktiv.com/publications/php-filter-chains-file-read-from-error-based-oracle", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37307.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37307.json index cc712e1a017..177606a75c1 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37307.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37307.json @@ -2,23 +2,83 @@ "id": "CVE-2023-37307", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T17:15:09.800", - "lastModified": "2023-06-30T18:05:17.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-07T19:00:08.273", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.4.172", + "matchCriteriaId": "5B85DED7-7D47-4040-B652-630964AF10A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/MISP/MISP/commit/286c84fab0047726a6a396ceefaae1bb666fc485", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/MISP/MISP/compare/v2.4.171...v2.4.172", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Product" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 672a1e5ba7d..ebe4f63007f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-07T18:00:33.903204+00:00 +2023-07-07T20:00:32.715969+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-07T17:55:35.560000+00:00 +2023-07-07T19:46:53.497000+00:00 ``` ### Last Data Feed Release @@ -29,62 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -219472 +219481 ``` ### CVEs added in the last Commit -Recently added CVEs: `18` +Recently added CVEs: `9` -* [CVE-2023-25201](CVE-2023/CVE-2023-252xx/CVE-2023-25201.json) (`2023-07-07T16:15:09.680`) -* [CVE-2023-29998](CVE-2023/CVE-2023-299xx/CVE-2023-29998.json) (`2023-07-07T16:15:09.737`) -* [CVE-2023-33664](CVE-2023/CVE-2023-336xx/CVE-2023-33664.json) (`2023-07-07T16:15:09.783`) -* [CVE-2023-36201](CVE-2023/CVE-2023-362xx/CVE-2023-36201.json) (`2023-07-07T16:15:09.827`) -* [CVE-2023-3541](CVE-2023/CVE-2023-35xx/CVE-2023-3541.json) (`2023-07-07T16:15:09.870`) -* [CVE-2023-3542](CVE-2023/CVE-2023-35xx/CVE-2023-3542.json) (`2023-07-07T16:15:09.947`) -* [CVE-2023-27845](CVE-2023/CVE-2023-278xx/CVE-2023-27845.json) (`2023-07-07T17:15:09.540`) -* [CVE-2023-33715](CVE-2023/CVE-2023-337xx/CVE-2023-33715.json) (`2023-07-07T17:15:09.607`) -* [CVE-2023-37061](CVE-2023/CVE-2023-370xx/CVE-2023-37061.json) (`2023-07-07T17:15:09.827`) -* [CVE-2023-37062](CVE-2023/CVE-2023-370xx/CVE-2023-37062.json) (`2023-07-07T17:15:09.883`) -* [CVE-2023-37063](CVE-2023/CVE-2023-370xx/CVE-2023-37063.json) (`2023-07-07T17:15:09.943`) -* [CVE-2023-37064](CVE-2023/CVE-2023-370xx/CVE-2023-37064.json) (`2023-07-07T17:15:10.020`) -* [CVE-2023-37065](CVE-2023/CVE-2023-370xx/CVE-2023-37065.json) (`2023-07-07T17:15:10.097`) -* [CVE-2023-37066](CVE-2023/CVE-2023-370xx/CVE-2023-37066.json) (`2023-07-07T17:15:10.167`) -* [CVE-2023-37067](CVE-2023/CVE-2023-370xx/CVE-2023-37067.json) (`2023-07-07T17:15:10.223`) -* [CVE-2023-37264](CVE-2023/CVE-2023-372xx/CVE-2023-37264.json) (`2023-07-07T17:15:10.280`) -* [CVE-2023-3543](CVE-2023/CVE-2023-35xx/CVE-2023-3543.json) (`2023-07-07T17:15:10.400`) -* [CVE-2023-3544](CVE-2023/CVE-2023-35xx/CVE-2023-3544.json) (`2023-07-07T17:15:10.577`) +* [CVE-2021-33796](CVE-2021/CVE-2021-337xx/CVE-2021-33796.json) (`2023-07-07T18:15:09.430`) +* [CVE-2021-33798](CVE-2021/CVE-2021-337xx/CVE-2021-33798.json) (`2023-07-07T18:15:09.507`) +* [CVE-2021-32494](CVE-2021/CVE-2021-324xx/CVE-2021-32494.json) (`2023-07-07T19:15:09.507`) +* [CVE-2021-32495](CVE-2021/CVE-2021-324xx/CVE-2021-32495.json) (`2023-07-07T19:15:09.600`) +* [CVE-2021-39014](CVE-2021/CVE-2021-390xx/CVE-2021-39014.json) (`2023-07-07T19:15:09.667`) +* [CVE-2023-36256](CVE-2023/CVE-2023-362xx/CVE-2023-36256.json) (`2023-07-07T18:15:09.693`) +* [CVE-2023-36992](CVE-2023/CVE-2023-369xx/CVE-2023-36992.json) (`2023-07-07T19:15:09.770`) +* [CVE-2023-36993](CVE-2023/CVE-2023-369xx/CVE-2023-36993.json) (`2023-07-07T19:15:09.827`) +* [CVE-2023-36994](CVE-2023/CVE-2023-369xx/CVE-2023-36994.json) (`2023-07-07T19:15:09.897`) ### CVEs modified in the last Commit -Recently modified CVEs: `29` +Recently modified CVEs: `64` -* [CVE-2022-23913](CVE-2022/CVE-2022-239xx/CVE-2022-23913.json) (`2023-07-07T16:15:09.390`) -* [CVE-2022-28331](CVE-2022/CVE-2022-283xx/CVE-2022-28331.json) (`2023-07-07T16:15:09.550`) -* [CVE-2023-3447](CVE-2023/CVE-2023-34xx/CVE-2023-3447.json) (`2023-07-07T16:02:02.250`) -* [CVE-2023-34844](CVE-2023/CVE-2023-348xx/CVE-2023-34844.json) (`2023-07-07T16:02:37.313`) -* [CVE-2023-20120](CVE-2023/CVE-2023-201xx/CVE-2023-20120.json) (`2023-07-07T16:02:41.643`) -* [CVE-2023-31222](CVE-2023/CVE-2023-312xx/CVE-2023-31222.json) (`2023-07-07T16:13:00.783`) -* [CVE-2023-36143](CVE-2023/CVE-2023-361xx/CVE-2023-36143.json) (`2023-07-07T16:20:03.587`) -* [CVE-2023-33336](CVE-2023/CVE-2023-333xx/CVE-2023-33336.json) (`2023-07-07T16:24:05.020`) -* [CVE-2023-32607](CVE-2023/CVE-2023-326xx/CVE-2023-32607.json) (`2023-07-07T16:28:45.697`) -* [CVE-2023-32608](CVE-2023/CVE-2023-326xx/CVE-2023-32608.json) (`2023-07-07T16:29:16.543`) -* [CVE-2023-33277](CVE-2023/CVE-2023-332xx/CVE-2023-33277.json) (`2023-07-07T16:30:07.667`) -* [CVE-2023-36484](CVE-2023/CVE-2023-364xx/CVE-2023-36484.json) (`2023-07-07T16:46:54.217`) -* [CVE-2023-30955](CVE-2023/CVE-2023-309xx/CVE-2023-30955.json) (`2023-07-07T16:52:53.380`) -* [CVE-2023-26085](CVE-2023/CVE-2023-260xx/CVE-2023-26085.json) (`2023-07-07T17:01:51.867`) -* [CVE-2023-30946](CVE-2023/CVE-2023-309xx/CVE-2023-30946.json) (`2023-07-07T17:04:55.903`) -* [CVE-2023-3117](CVE-2023/CVE-2023-31xx/CVE-2023-3117.json) (`2023-07-07T17:11:07.733`) -* [CVE-2023-34658](CVE-2023/CVE-2023-346xx/CVE-2023-34658.json) (`2023-07-07T17:11:51.400`) -* [CVE-2023-35987](CVE-2023/CVE-2023-359xx/CVE-2023-35987.json) (`2023-07-07T17:15:09.677`) -* [CVE-2023-36488](CVE-2023/CVE-2023-364xx/CVE-2023-36488.json) (`2023-07-07T17:17:29.997`) -* [CVE-2023-36467](CVE-2023/CVE-2023-364xx/CVE-2023-36467.json) (`2023-07-07T17:18:53.227`) -* [CVE-2023-3338](CVE-2023/CVE-2023-33xx/CVE-2023-3338.json) (`2023-07-07T17:20:32.650`) -* [CVE-2023-20178](CVE-2023/CVE-2023-201xx/CVE-2023-20178.json) (`2023-07-07T17:47:17.953`) -* [CVE-2023-36476](CVE-2023/CVE-2023-364xx/CVE-2023-36476.json) (`2023-07-07T17:51:22.317`) -* [CVE-2023-37365](CVE-2023/CVE-2023-373xx/CVE-2023-37365.json) (`2023-07-07T17:51:51.580`) -* [CVE-2023-20188](CVE-2023/CVE-2023-201xx/CVE-2023-20188.json) (`2023-07-07T17:55:35.560`) +* [CVE-2023-1298](CVE-2023/CVE-2023-12xx/CVE-2023-1298.json) (`2023-07-07T18:15:09.607`) +* [CVE-2023-26135](CVE-2023/CVE-2023-261xx/CVE-2023-26135.json) (`2023-07-07T18:21:34.797`) +* [CVE-2023-28387](CVE-2023/CVE-2023-283xx/CVE-2023-28387.json) (`2023-07-07T18:24:25.427`) +* [CVE-2023-37305](CVE-2023/CVE-2023-373xx/CVE-2023-37305.json) (`2023-07-07T18:24:43.897`) +* [CVE-2023-37303](CVE-2023/CVE-2023-373xx/CVE-2023-37303.json) (`2023-07-07T18:25:58.080`) +* [CVE-2023-37301](CVE-2023/CVE-2023-373xx/CVE-2023-37301.json) (`2023-07-07T18:26:42.243`) +* [CVE-2023-26428](CVE-2023/CVE-2023-264xx/CVE-2023-26428.json) (`2023-07-07T18:27:11.337`) +* [CVE-2023-34648](CVE-2023/CVE-2023-346xx/CVE-2023-34648.json) (`2023-07-07T18:36:09.547`) +* [CVE-2023-35178](CVE-2023/CVE-2023-351xx/CVE-2023-35178.json) (`2023-07-07T18:37:18.853`) +* [CVE-2023-35177](CVE-2023/CVE-2023-351xx/CVE-2023-35177.json) (`2023-07-07T18:37:42.030`) +* [CVE-2023-35176](CVE-2023/CVE-2023-351xx/CVE-2023-35176.json) (`2023-07-07T18:38:36.187`) +* [CVE-2023-35175](CVE-2023/CVE-2023-351xx/CVE-2023-35175.json) (`2023-07-07T18:38:58.350`) +* [CVE-2023-26429](CVE-2023/CVE-2023-264xx/CVE-2023-26429.json) (`2023-07-07T18:39:40.127`) +* [CVE-2023-33276](CVE-2023/CVE-2023-332xx/CVE-2023-33276.json) (`2023-07-07T18:39:53.007`) +* [CVE-2023-26431](CVE-2023/CVE-2023-264xx/CVE-2023-26431.json) (`2023-07-07T18:40:28.863`) +* [CVE-2023-36607](CVE-2023/CVE-2023-366xx/CVE-2023-36607.json) (`2023-07-07T18:43:19.817`) +* [CVE-2023-3465](CVE-2023/CVE-2023-34xx/CVE-2023-3465.json) (`2023-07-07T18:45:16.383`) +* [CVE-2023-3464](CVE-2023/CVE-2023-34xx/CVE-2023-3464.json) (`2023-07-07T18:46:28.547`) +* [CVE-2023-36146](CVE-2023/CVE-2023-361xx/CVE-2023-36146.json) (`2023-07-07T18:48:07.887`) +* [CVE-2023-3478](CVE-2023/CVE-2023-34xx/CVE-2023-3478.json) (`2023-07-07T18:52:16.210`) +* [CVE-2023-37307](CVE-2023/CVE-2023-373xx/CVE-2023-37307.json) (`2023-07-07T19:00:08.273`) +* [CVE-2023-37306](CVE-2023/CVE-2023-373xx/CVE-2023-37306.json) (`2023-07-07T19:00:31.167`) +* [CVE-2023-36347](CVE-2023/CVE-2023-363xx/CVE-2023-36347.json) (`2023-07-07T19:05:16.083`) +* [CVE-2023-3113](CVE-2023/CVE-2023-31xx/CVE-2023-3113.json) (`2023-07-07T19:09:45.693`) +* [CVE-2023-20006](CVE-2023/CVE-2023-200xx/CVE-2023-20006.json) (`2023-07-07T19:46:53.497`) ## Download and Usage